commit 00285acca3c2d267e1403062eb2928eb0e45674e Author: Roger Dingledine arma@torproject.org Date: Sun Dec 22 02:35:20 2013 -0500
fold in changes files so far --- ChangeLog | 24 ++++++++++++++++++++++++ changes/bug10402 | 11 ----------- changes/bug10409 | 3 --- changes/bug10423 | 4 ---- changes/bug10456 | 6 ------ 5 files changed, 24 insertions(+), 24 deletions(-)
diff --git a/ChangeLog b/ChangeLog index c401a65..eb4a0be 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,27 @@ +Changes in version 0.2.4.20 - 201?-??-?? + o Major bugfixes: + - Do not allow OpenSSL engines to replace the PRNG, even when + HardwareAccel is set. The only default builtin PRNG engine uses + the Intel RDRAND instruction to replace the entire PRNG, and + ignores all attempts to seed it with more entropy. That's + cryptographically stupid: the right response to a new alleged + entropy source is never to discard all previously used entropy + sources. Fixes bug 10402; works around behavior introduced in + OpenSSL 1.0.0. Diagnosis and investigation thanks to "coderman" + and "rl1987". + - Avoid launching spurious extra circuits when a stream is pending. + This fixes a bug where any circuit that _wasn't_ unusable for new + streams would be treated as if it were, causing extra circuits to + be launched. Fixes bug 10456; bugfix on 0.2.4.12-alpha. + + o Minor bugfixes: + - Avoid a crash bug when starting with a corrupted microdescriptor + cache file. Fixes bug 10406; bugfix on 0.2.2.6-alpha. + - If we fail to dump a previously cached microdescriptor to disk, avoid + freeing duplicate data later on. Fixes bug 10423; bugfix on + 0.2.4.13-alpha. Spotted by "bobnomnom". + + Changes in version 0.2.4.19 - 2013-12-11 The Tor 0.2.4 release series is dedicated to the memory of Aaron Swartz (1986-2013). Aaron worked on diverse projects including helping to guide diff --git a/changes/bug10402 b/changes/bug10402 deleted file mode 100644 index eac00bd..0000000 --- a/changes/bug10402 +++ /dev/null @@ -1,11 +0,0 @@ - o Major bugfixes: - - Do not allow OpenSSL engines to replace the PRNG, even when - HardwareAccel is set. The only default builtin PRNG engine uses - the Intel RDRAND instruction to replace the entire PRNG, and - ignores all attempts to seed it with more entropy. That's - cryptographically stupid: the right response to a new alleged - entropy source is never to discard all previously used entropy - sources. Fixes bug 10402; works around behavior introduced in - OpenSSL 1.0.0. Diagnosis and investigation thanks to "coderman" - and "rl1987". - diff --git a/changes/bug10409 b/changes/bug10409 deleted file mode 100644 index 5ef5ae2..0000000 --- a/changes/bug10409 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes: - - Avoid a crash bug when starting with a corrupted microdescriptor - cache file. Fix for bug 10406; bugfix on 0.2.2.6-alpha. diff --git a/changes/bug10423 b/changes/bug10423 deleted file mode 100644 index 493b7b1..0000000 --- a/changes/bug10423 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - If we fail to dump a previously cached microdescriptor to disk, avoid - freeing duplicate data later on. Fix for bug 10423; bugfix on - 0.2.4.13-alpha. Spotted by "bobnomnom". diff --git a/changes/bug10456 b/changes/bug10456 deleted file mode 100644 index fb3b92f..0000000 --- a/changes/bug10456 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes: - - Avoid launching spurious extra circuits when a stream is pending. - This fixes a bug where any circuit that _wasn't_ unusable for new - streams would be treated as if it were, causing extra circuits to - be launched. Fixes bug 10456; bugfix on 0.2.4.12-alpha. -